diff --git a/core/modules/block/lib/Drupal/block/Tests/BlockUserAccountSettingsTest.php b/core/modules/block/lib/Drupal/block/Tests/BlockUserAccountSettingsTest.php index ef482ee..69af511 100644 --- a/core/modules/block/lib/Drupal/block/Tests/BlockUserAccountSettingsTest.php +++ b/core/modules/block/lib/Drupal/block/Tests/BlockUserAccountSettingsTest.php @@ -31,7 +31,7 @@ public static function getInfo() { public function setUp() { parent::setUp(); - $admin_user = $this->drupalCreateUser(array('administer users')); + $admin_user = $this->drupalCreateUser(array('administer users', 'administer user fields')); $this->drupalLogin($admin_user); } diff --git a/core/modules/comment/comment.module b/core/modules/comment/comment.module index e700723..e0d3586 100644 --- a/core/modules/comment/comment.module +++ b/core/modules/comment/comment.module @@ -117,7 +117,6 @@ function comment_entity_info(&$info) { 'path' => 'admin/structure/types/manage/%comment_node_type/comment', 'bundle argument' => 4, 'real path' => 'admin/structure/types/manage/' . $type . '/comment', - 'access arguments' => array('administer content types'), ), ); } diff --git a/core/modules/comment/lib/Drupal/comment/Tests/CommentTestBase.php b/core/modules/comment/lib/Drupal/comment/Tests/CommentTestBase.php index 902dbdd..a0f5572 100644 --- a/core/modules/comment/lib/Drupal/comment/Tests/CommentTestBase.php +++ b/core/modules/comment/lib/Drupal/comment/Tests/CommentTestBase.php @@ -20,7 +20,7 @@ * * @var array */ - public static $modules = array('comment', 'node', 'history'); + public static $modules = array('comment', 'node', 'history', 'field_ui'); /** * An administrative user with permission to configure comment settings. @@ -57,6 +57,7 @@ function setUp() { $this->admin_user = $this->drupalCreateUser(array( 'administer content types', 'administer comments', + 'administer comment fields', 'skip comment approval', 'post comments', 'access comments', diff --git a/core/modules/field/modules/link/lib/Drupal/link/Tests/LinkFieldUITest.php b/core/modules/field/modules/link/lib/Drupal/link/Tests/LinkFieldUITest.php index 2a29792..f8ff160 100644 --- a/core/modules/field/modules/link/lib/Drupal/link/Tests/LinkFieldUITest.php +++ b/core/modules/field/modules/link/lib/Drupal/link/Tests/LinkFieldUITest.php @@ -32,7 +32,7 @@ public static function getInfo() { function setUp() { parent::setUp(); - $this->web_user = $this->drupalCreateUser(array('administer content types')); + $this->web_user = $this->drupalCreateUser(array('administer content types', 'administer node fields', 'administer node display')); $this->drupalLogin($this->web_user); } diff --git a/core/modules/field/modules/number/lib/Drupal/number/Tests/NumberFieldTest.php b/core/modules/field/modules/number/lib/Drupal/number/Tests/NumberFieldTest.php index 63bef1f..56fa2cd 100644 --- a/core/modules/field/modules/number/lib/Drupal/number/Tests/NumberFieldTest.php +++ b/core/modules/field/modules/number/lib/Drupal/number/Tests/NumberFieldTest.php @@ -36,7 +36,7 @@ public static function getInfo() { function setUp() { parent::setUp(); - $this->web_user = $this->drupalCreateUser(array('access field_test content', 'administer field_test content', 'administer content types')); + $this->web_user = $this->drupalCreateUser(array('access field_test content', 'administer field_test content', 'administer content types', 'administer node fields','administer node display')); $this->drupalLogin($this->web_user); } diff --git a/core/modules/field/modules/options/lib/Drupal/options/Tests/OptionsFieldUITest.php b/core/modules/field/modules/options/lib/Drupal/options/Tests/OptionsFieldUITest.php index 5215be6..afc5951 100644 --- a/core/modules/field/modules/options/lib/Drupal/options/Tests/OptionsFieldUITest.php +++ b/core/modules/field/modules/options/lib/Drupal/options/Tests/OptionsFieldUITest.php @@ -33,7 +33,7 @@ function setUp() { parent::setUp(); // Create test user. - $admin_user = $this->drupalCreateUser(array('access content', 'administer content types', 'administer taxonomy')); + $admin_user = $this->drupalCreateUser(array('access content', 'administer content types', 'administer node fields', 'administer taxonomy')); $this->drupalLogin($admin_user); // Create content type, with underscores. diff --git a/core/modules/field/modules/options/lib/Drupal/options/Tests/OptionsWidgetsTest.php b/core/modules/field/modules/options/lib/Drupal/options/Tests/OptionsWidgetsTest.php index d61eebb..06f142e 100644 --- a/core/modules/field/modules/options/lib/Drupal/options/Tests/OptionsWidgetsTest.php +++ b/core/modules/field/modules/options/lib/Drupal/options/Tests/OptionsWidgetsTest.php @@ -477,7 +477,7 @@ function testOnOffCheckbox() { $this->drupalCreateContentType(array('type' => 'page', 'name' => 'Basic page')); // Create admin user. - $admin_user = $this->drupalCreateUser(array('access content', 'administer content types', 'administer taxonomy')); + $admin_user = $this->drupalCreateUser(array('access content', 'administer content types', 'administer node fields', 'administer taxonomy')); $this->drupalLogin($admin_user); // Create a test field instance. diff --git a/core/modules/field/modules/text/lib/Drupal/text/Tests/TextTranslationTest.php b/core/modules/field/modules/text/lib/Drupal/text/Tests/TextTranslationTest.php index 0ac151f..5693366 100644 --- a/core/modules/field/modules/text/lib/Drupal/text/Tests/TextTranslationTest.php +++ b/core/modules/field/modules/text/lib/Drupal/text/Tests/TextTranslationTest.php @@ -39,6 +39,7 @@ function setUp() { $this->admin = $this->drupalCreateUser(array( 'administer languages', 'administer content types', + 'administer node fields', 'access administration pages', 'bypass node access', filter_permission_name($full_html_format), diff --git a/core/modules/field_ui/field_ui.module b/core/modules/field_ui/field_ui.module index a04c0dd..2328dfb 100644 --- a/core/modules/field_ui/field_ui.module +++ b/core/modules/field_ui/field_ui.module @@ -94,11 +94,15 @@ function field_ui_menu() { // items below. $field_position = count(explode('/', $path)) + 1; - // Extract access information, providing defaults. - $access = array_intersect_key($bundle_info['admin'], drupal_map_assoc(array('access callback', 'access arguments'))); - $access += array( + // User access check to be done against the permission to edit + // fields or the display per entity type. + $access_fields = array( 'access callback' => 'user_access', - 'access arguments' => array('administer site configuration'), + 'access arguments' => array('administer ' . $entity_type . ' fields'), + ); + $access_display = array( + 'access callback' => 'user_access', + 'access arguments' => array('administer ' . $entity_type . ' display'), ); $items["$path/fields"] = array( @@ -108,7 +112,7 @@ function field_ui_menu() { 'type' => MENU_LOCAL_TASK, 'weight' => 1, 'file' => 'field_ui.admin.inc', - ) + $access; + ) + $access_fields; $items["$path/fields/%field_ui_menu"] = array( 'load arguments' => array($entity_type, $bundle_arg, $bundle_pos, '%map'), 'title callback' => 'field_ui_menu_title', @@ -116,7 +120,7 @@ function field_ui_menu() { 'page callback' => 'drupal_get_form', 'page arguments' => array('field_ui_field_edit_form', $field_position), 'file' => 'field_ui.admin.inc', - ) + $access; + ) + $access_fields; $items["$path/fields/%field_ui_menu/edit"] = array( 'load arguments' => array($entity_type, $bundle_arg, $bundle_pos, '%map'), 'title' => 'Edit', @@ -124,7 +128,7 @@ function field_ui_menu() { 'page arguments' => array('field_ui_field_edit_form', $field_position), 'type' => MENU_DEFAULT_LOCAL_TASK, 'file' => 'field_ui.admin.inc', - ) + $access; + ) + $access_fields; $items["$path/fields/%field_ui_menu/field-settings"] = array( 'load arguments' => array($entity_type, $bundle_arg, $bundle_pos, '%map'), 'title' => 'Field settings', @@ -132,7 +136,7 @@ function field_ui_menu() { 'page arguments' => array('field_ui_field_settings_form', $field_position), 'type' => MENU_LOCAL_TASK, 'file' => 'field_ui.admin.inc', - ) + $access; + ) + $access_fields; $items["$path/fields/%field_ui_menu/widget-type"] = array( 'load arguments' => array($entity_type, $bundle_arg, $bundle_pos, '%map'), 'title' => 'Widget type', @@ -140,7 +144,7 @@ function field_ui_menu() { 'page arguments' => array('field_ui_widget_type_form', $field_position), 'type' => MENU_LOCAL_TASK, 'file' => 'field_ui.admin.inc', - ) + $access; + ) + $access_fields; $items["$path/fields/%field_ui_menu/delete"] = array( 'load arguments' => array($entity_type, $bundle_arg, $bundle_pos, '%map'), 'title' => 'Delete', @@ -149,7 +153,7 @@ function field_ui_menu() { 'type' => MENU_VISIBLE_IN_BREADCRUMB, 'weight' => 10, 'file' => 'field_ui.admin.inc', - ) + $access; + ) + $access_fields; // 'Manage display' tab. $items["$path/display"] = array( @@ -159,7 +163,7 @@ function field_ui_menu() { 'type' => MENU_LOCAL_TASK, 'weight' => 2, 'file' => 'field_ui.admin.inc', - ) + $access; + ) + $access_display; // View modes secondary tabs. // The same base $path for the menu item (with a placeholder) can be @@ -179,7 +183,7 @@ function field_ui_menu() { // display' setting for the view mode, and the overall access // rules for the bundle admin pages. 'access callback' => '_field_ui_view_mode_menu_access', - 'access arguments' => array_merge(array($entity_type, $bundle_arg, $view_mode, $access['access callback']), $access['access arguments']), + 'access arguments' => array($entity_type, $bundle_arg, $view_mode, $access_display['access arguments'][0]), 'type' => ($view_mode == 'default' ? MENU_DEFAULT_LOCAL_TASK : MENU_LOCAL_TASK), 'weight' => ($view_mode == 'default' ? -10 : $weight++), 'file' => 'field_ui.admin.inc', @@ -193,6 +197,29 @@ function field_ui_menu() { } /** + * Implements hook_permission(). + */ +function field_ui_permission() { + $permissions = array(); + + foreach (entity_get_info() as $entity_type => $entity_info) { + if ($entity_info['fieldable']) { + // Create a permission for each fieldable entity to manage + // the fields and the display. + $permissions['administer ' . $entity_type . ' fields'] = array( + 'title' => t('%entity_label: Administer fields', array('%entity_label' => $entity_info['label'])), + 'restrict access' => TRUE, + ); + $permissions['administer ' . $entity_type . ' display'] = array( + 'title' => t('%entity_label: Administer display', array('%entity_label' => $entity_info['label'])) + ); + } + } + + return $permissions; +} + +/** * Menu loader callback: Loads a field instance based on field and bundle name. * * @param $field_name @@ -251,32 +278,16 @@ function field_ui_menu_title($instance) { * * @see field_ui_menu() */ -function _field_ui_view_mode_menu_access($entity_type, $bundle, $view_mode, $access_callback) { +function _field_ui_view_mode_menu_access($entity_type, $bundle, $view_mode, $permission) { // First, determine visibility according to the 'use custom display' // setting for the view mode. $bundle = field_extract_bundle($entity_type, $bundle); $view_mode_settings = field_view_mode_settings($entity_type, $bundle); $visibility = ($view_mode == 'default') || !empty($view_mode_settings[$view_mode]['custom_settings']); - // Then, determine access according to the $access parameter. This duplicates - // part of _menu_check_access(). + // Then, determine access according to the $permission parameter. if ($visibility) { - // Grab the variable 'access arguments' part. - $args = array_slice(func_get_args(), 4); - $callback = empty($access_callback) ? 0 : trim($access_callback); - if (is_numeric($callback)) { - return (bool) $callback; - } - else { - // As call_user_func_array() is quite slow and user_access is a very - // common callback, it is worth making a special case for it. - if ($access_callback == 'user_access') { - return (count($args) == 1) ? user_access($args[0]) : user_access($args[0], $args[1]); - } - else { - return call_user_func_array($access_callback, $args); - } - } + return user_access($permission); } } diff --git a/core/modules/field_ui/lib/Drupal/field_ui/Tests/AlterTest.php b/core/modules/field_ui/lib/Drupal/field_ui/Tests/AlterTest.php index b410e1b..016b9d0 100644 --- a/core/modules/field_ui/lib/Drupal/field_ui/Tests/AlterTest.php +++ b/core/modules/field_ui/lib/Drupal/field_ui/Tests/AlterTest.php @@ -37,7 +37,7 @@ function setUp() { $this->drupalCreateContentType(array('type' => 'article', 'name' => 'Article')); // Create test user. - $admin_user = $this->drupalCreateUser(array('access content', 'administer content types', 'administer users')); + $admin_user = $this->drupalCreateUser(array('access content', 'administer content types', 'administer node fields', 'administer users', 'administer user fields')); $this->drupalLogin($admin_user); } diff --git a/core/modules/field_ui/lib/Drupal/field_ui/Tests/FieldUiTestBase.php b/core/modules/field_ui/lib/Drupal/field_ui/Tests/FieldUiTestBase.php index 39324bf..5124cb4 100644 --- a/core/modules/field_ui/lib/Drupal/field_ui/Tests/FieldUiTestBase.php +++ b/core/modules/field_ui/lib/Drupal/field_ui/Tests/FieldUiTestBase.php @@ -25,7 +25,7 @@ function setUp() { parent::setUp(); // Create test user. - $admin_user = $this->drupalCreateUser(array('access content', 'administer content types', 'administer taxonomy', 'administer users')); + $admin_user = $this->drupalCreateUser(array('access content', 'administer content types', 'administer node fields', 'administer node display', 'administer taxonomy', 'administer taxonomy_term fields' , 'administer users', 'administer user display')); $this->drupalLogin($admin_user); // Create content type, with underscores. diff --git a/core/modules/field_ui/lib/Drupal/field_ui/Tests/ManageFieldsTest.php b/core/modules/field_ui/lib/Drupal/field_ui/Tests/ManageFieldsTest.php index 17d4bd7..841229b 100644 --- a/core/modules/field_ui/lib/Drupal/field_ui/Tests/ManageFieldsTest.php +++ b/core/modules/field_ui/lib/Drupal/field_ui/Tests/ManageFieldsTest.php @@ -111,7 +111,7 @@ function createField() { // should also appear in the 'taxonomy term' entity. $vocabulary = taxonomy_vocabulary_load(1); $this->drupalGet('admin/structure/taxonomy/' . $vocabulary->machine_name . '/fields'); - $this->assertTrue($this->xpath('//select[@name="fields[_add_existing_field][field_name]"]//option[@value="' . $this->field_name . '"]'), 'Existing field was found in account settings.'); + $this->assertTrue($this->xpath('//select[@name="fields[_add_existing_field][field_name]"]//option[@value="' . $this->field_name . '"]'), 'Existing field was found in taxonomy term fields.'); } /** diff --git a/core/modules/file/lib/Drupal/file/Tests/FileFieldTestBase.php b/core/modules/file/lib/Drupal/file/Tests/FileFieldTestBase.php index e291bec..a9f7106 100644 --- a/core/modules/file/lib/Drupal/file/Tests/FileFieldTestBase.php +++ b/core/modules/file/lib/Drupal/file/Tests/FileFieldTestBase.php @@ -19,7 +19,7 @@ * * @var array */ - public static $modules = array('file', 'file_module_test'); + public static $modules = array('file', 'file_module_test', 'field_ui'); protected $profile = 'standard'; @@ -27,7 +27,7 @@ function setUp() { parent::setUp(); - $this->admin_user = $this->drupalCreateUser(array('access content', 'access administration pages', 'administer site configuration', 'administer users', 'administer permissions', 'administer content types', 'administer nodes', 'bypass node access')); + $this->admin_user = $this->drupalCreateUser(array('access content', 'access administration pages', 'administer site configuration', 'administer users', 'administer permissions', 'administer content types', 'administer node fields', 'administer node display', 'administer comment fields', 'administer nodes', 'bypass node access')); $this->drupalLogin($this->admin_user); } diff --git a/core/modules/image/lib/Drupal/image/Tests/ImageFieldTestBase.php b/core/modules/image/lib/Drupal/image/Tests/ImageFieldTestBase.php index fc964ac..3d75f78 100644 --- a/core/modules/image/lib/Drupal/image/Tests/ImageFieldTestBase.php +++ b/core/modules/image/lib/Drupal/image/Tests/ImageFieldTestBase.php @@ -37,7 +37,7 @@ * * @var array */ - public static $modules = array('node', 'image'); + public static $modules = array('node', 'image', 'field_ui'); protected $admin_user; @@ -50,7 +50,7 @@ function setUp() { $this->drupalCreateContentType(array('type' => 'article', 'name' => 'Article')); } - $this->admin_user = $this->drupalCreateUser(array('access content', 'access administration pages', 'administer site configuration', 'administer content types', 'administer nodes', 'create article content', 'edit any article content', 'delete any article content', 'administer image styles')); + $this->admin_user = $this->drupalCreateUser(array('access content', 'access administration pages', 'administer site configuration', 'administer content types', 'administer node fields', 'administer nodes', 'create article content', 'edit any article content', 'delete any article content', 'administer image styles')); $this->drupalLogin($this->admin_user); } diff --git a/core/modules/node/content_types.inc b/core/modules/node/content_types.inc index 999de7f..ea00db6 100644 --- a/core/modules/node/content_types.inc +++ b/core/modules/node/content_types.inc @@ -30,12 +30,14 @@ function node_overview_types() { 'weight' => 0, ); - if ($field_ui) { + if ($field_ui && user_access('administer node fields')) { $links['fields'] = array( 'title' => t('manage fields'), 'href' => 'admin/structure/types/manage/' . $type->type . '/fields', 'weight' => 5, ); + } + if ($field_ui && user_access('administer node display')) { $links['display'] = array( 'title' => t('manage display'), 'href' => 'admin/structure/types/manage/' . $type->type . '/display', diff --git a/core/modules/node/lib/Drupal/node/Tests/NodeAccessFieldTest.php b/core/modules/node/lib/Drupal/node/Tests/NodeAccessFieldTest.php index 8dd2ab6..130eafd 100644 --- a/core/modules/node/lib/Drupal/node/Tests/NodeAccessFieldTest.php +++ b/core/modules/node/lib/Drupal/node/Tests/NodeAccessFieldTest.php @@ -34,7 +34,7 @@ public function setUp() { // Create some users. $this->admin_user = $this->drupalCreateUser(array('access content', 'bypass node access')); - $this->content_admin_user = $this->drupalCreateUser(array('access content', 'administer content types')); + $this->content_admin_user = $this->drupalCreateUser(array('access content', 'administer content types', 'administer node fields')); // Add a custom field to the page content type. $this->field_name = drupal_strtolower($this->randomName() . '_field_name'); diff --git a/core/modules/node/lib/Drupal/node/Tests/NodeTypeInitialLanguageTest.php b/core/modules/node/lib/Drupal/node/Tests/NodeTypeInitialLanguageTest.php index 5c906d7..7041a30 100644 --- a/core/modules/node/lib/Drupal/node/Tests/NodeTypeInitialLanguageTest.php +++ b/core/modules/node/lib/Drupal/node/Tests/NodeTypeInitialLanguageTest.php @@ -30,7 +30,7 @@ public static function getInfo() { function setUp() { parent::setUp(); - $web_user = $this->drupalCreateUser(array('bypass node access', 'administer content types', 'administer languages')); + $web_user = $this->drupalCreateUser(array('bypass node access', 'administer content types', 'administer node fields', 'administer node display', 'administer languages')); $this->drupalLogin($web_user); } diff --git a/core/modules/node/lib/Drupal/node/Tests/NodeTypeTest.php b/core/modules/node/lib/Drupal/node/Tests/NodeTypeTest.php index 944af15..5b0435b 100644 --- a/core/modules/node/lib/Drupal/node/Tests/NodeTypeTest.php +++ b/core/modules/node/lib/Drupal/node/Tests/NodeTypeTest.php @@ -80,7 +80,7 @@ function testNodeTypeCreation() { * Tests editing a node type using the UI. */ function testNodeTypeEditing() { - $web_user = $this->drupalCreateUser(array('bypass node access', 'administer content types')); + $web_user = $this->drupalCreateUser(array('bypass node access', 'administer content types', 'administer node fields')); $this->drupalLogin($web_user); $instance = field_info_instance('node', 'body', 'page'); diff --git a/core/modules/node/node.module b/core/modules/node/node.module index 08d7810..7a0904b 100644 --- a/core/modules/node/node.module +++ b/core/modules/node/node.module @@ -205,7 +205,6 @@ function node_entity_info(&$info) { 'path' => 'admin/structure/types/manage/%node_type', 'real path' => 'admin/structure/types/manage/' . $type, 'bundle argument' => 4, - 'access arguments' => array('administer content types'), ), ); } diff --git a/core/modules/picture/lib/Drupal/picture/Tests/PictureFieldDisplayTest.php b/core/modules/picture/lib/Drupal/picture/Tests/PictureFieldDisplayTest.php index 69b0231..7798eae 100644 --- a/core/modules/picture/lib/Drupal/picture/Tests/PictureFieldDisplayTest.php +++ b/core/modules/picture/lib/Drupal/picture/Tests/PictureFieldDisplayTest.php @@ -46,6 +46,7 @@ public function setUp() { 'access administration pages', 'administer site configuration', 'administer content types', + 'administer node display', 'administer nodes', 'create article content', 'edit any article content', diff --git a/core/modules/taxonomy/lib/Drupal/taxonomy/Tests/RssTest.php b/core/modules/taxonomy/lib/Drupal/taxonomy/Tests/RssTest.php index e87d931..483c954 100644 --- a/core/modules/taxonomy/lib/Drupal/taxonomy/Tests/RssTest.php +++ b/core/modules/taxonomy/lib/Drupal/taxonomy/Tests/RssTest.php @@ -30,7 +30,7 @@ public static function getInfo() { function setUp() { parent::setUp(); - $this->admin_user = $this->drupalCreateUser(array('administer taxonomy', 'bypass node access', 'administer content types')); + $this->admin_user = $this->drupalCreateUser(array('administer taxonomy', 'bypass node access', 'administer content types', 'administer node display')); $this->drupalLogin($this->admin_user); $this->vocabulary = $this->createVocabulary(); diff --git a/core/modules/taxonomy/taxonomy.module b/core/modules/taxonomy/taxonomy.module index d8ea5b7..99b9a18 100644 --- a/core/modules/taxonomy/taxonomy.module +++ b/core/modules/taxonomy/taxonomy.module @@ -116,7 +116,6 @@ function taxonomy_entity_info(&$info) { 'path' => 'admin/structure/taxonomy/%taxonomy_vocabulary_machine_name', 'real path' => 'admin/structure/taxonomy/' . $machine_name, 'bundle argument' => 3, - 'access arguments' => array('administer taxonomy'), ), ); } diff --git a/core/modules/translation_entity/translation_entity.pages.inc b/core/modules/translation_entity/translation_entity.pages.inc index be06e6a..3b930c9 100644 --- a/core/modules/translation_entity/translation_entity.pages.inc +++ b/core/modules/translation_entity/translation_entity.pages.inc @@ -20,7 +20,7 @@ function translation_entity_overview(EntityInterface $entity) { $languages = language_list(); $original = $entity->language()->langcode; $translations = $entity->getTranslationLanguages(); - $field_ui = module_exists('field_ui'); + $field_ui = module_exists('field_ui') && user_access('administer ' . $entity->entityType() . ' fields'); $path = $controller->getViewPath($entity); $base_path = $controller->getBasePath($entity); diff --git a/core/modules/user/lib/Drupal/user/Plugin/Core/Entity/User.php b/core/modules/user/lib/Drupal/user/Plugin/Core/Entity/User.php index dbedf89..f57d4fe 100644 --- a/core/modules/user/lib/Drupal/user/Plugin/Core/Entity/User.php +++ b/core/modules/user/lib/Drupal/user/Plugin/Core/Entity/User.php @@ -39,7 +39,6 @@ * "label" = "User", * "admin" = { * "path" = "admin/config/people/accounts", - * "access arguments" = {"administer users"} * } * } * },